Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 192636 - CVE-2006-1858 SCTP chunk length overflow
CVE-2006-1858 SCTP chunk length overflow
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: kernel (Show other bugs)
4.0
All Linux
medium Severity low
: ---
: ---
Assigned To: Red Hat Kernel Manager
Red Hat Kernel QE team
impact=low,source=vendorsec,reported=...
: Security
Depends On:
Blocks: 176344
  Show dependency treegraph
 
Reported: 2006-05-22 06:09 EDT by Marcel Holtmann
Modified: 2009-03-09 07:46 EDT (History)
4 users (show)

See Also:
Fixed In Version: RHSA-2006-0617
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-22 14:48:49 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
backport of the referenced patch (1.32 KB, patch)
2006-05-30 15:44 EDT, Neil Horman 		no flags Details | Diff
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2006:0617 normal SHIPPED_LIVE Important: kernel security update 2006-08-22 00:00:00 EDT

  None (edit)
Description Marcel Holtmann 2006-05-22 06:09:06 EDT 
When performing bound checks during the parameter processing, we want to use the
real chunk and paramter lengths for bounds instead of the rounded ones. This
prevents us from potentially walking of the end if the chunk length was
miscalculated.

The upstream fix can be found here:

http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=dd2d1c6f2958d027e4591ca5d2a04dfe36ca6512
Comment 1 Neil Horman 2006-05-26 16:29:30 EDT 
verifying the backport now
Comment 2 Neil Horman 2006-05-30 15:44:41 EDT 
Created attachment 130246 [details]
backport of the referenced patch

Backport of the referenced patch.  I'll post as soon as the U5 tree opens up.
Comment 3 Jason Baron 2006-08-07 14:42:56 EDT 
committed in stream E5 build 42.0.1. A test kernel with this patch is available
from http://people.redhat.com/~jbaron/rhel4/
Comment 6 Red Hat Bugzilla 2006-08-22 14:48:50 EDT 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0617.html
Comment 7 Jason Baron 2006-08-30 13:46:33 EDT 
committed in stream U5 build 42.4. A test kernel with this patch is available
from http://people.redhat.com/~jbaron/rhel4/
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.